diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml
index d9f770b..98e2ca1 100644
--- a/.github/workflows/ci-main.yml
+++ b/.github/workflows/ci-main.yml
@@ -1,42 +1,60 @@
-name: CI Main Branch
+name: ci-main
on:
push:
branches:
- - main
+ - main
jobs:
build:
- runs-on: ubuntu-latest
+ runs-on: ubuntu-20.04
steps:
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - uses: actions/setup-java@v2
- with:
- java-version: '11'
- distribution: 'adopt'
- - uses: s4u/maven-settings-action@v2.4.0
- with:
- githubServer: false
- servers: |
- [
- {
- "id": "dgc-github",
- "username": "${{ secrets.GPR_USER }}",
- "password": "${{ secrets.GPR_PAT }}"
- },
- {
- "id": "ehd-github",
- "username": "${{ secrets.GPR_USER }}",
- "password": "${{ secrets.GPR_PAT }}"
- }
- ]
- - name: Build
- run: mvn install
- - name: Build for Docker Image
- run: mvn clean install -P docker
- - name: Log into registry
- run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com -u ${{ github.actor }} --password-stdin
- - name: Build Docker Image
- run: docker build target/docker --file target/docker/Dockerfile --tag docker.pkg.github.com/${{ github.repository }}/backend:latest
- - name: Push Docker Image
- run: docker push docker.pkg.github.com/${{ github.repository }}/backend:latest
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 11
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: version
+ run: >-
+ APP_SHA=$(git rev-parse --short ${GITHUB_SHA});
+ APP_REV=$(git rev-list --tags --max-count=1);
+ APP_TAG=$(git describe --tags ${APP_REV} 2> /dev/null || echo 0.0.0);
+ APP_VERSION=${APP_TAG}-${APP_SHA};
+ echo "APP_SHA=${APP_SHA}" >> ${GITHUB_ENV};
+ echo "APP_TAG=${APP_TAG}" >> ${GITHUB_ENV};
+ echo "APP_VERSION=${APP_VERSION}" >> ${GITHUB_ENV};
+ - name: mvn
+ run: >-
+ mvn versions:set
+ --batch-mode
+ --file ./pom.xml
+ --settings ./settings.xml
+ --define newVersion="${APP_VERSION}";
+ mvn clean verify
+ --batch-mode
+ --file ./pom.xml
+ --settings ./settings.xml
+ --define app.packages.username="${APP_PACKAGES_USERNAME}"
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}";
+ env:
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - name: docker
+ run: >-
+ echo "${APP_PACKAGES_PASSWORD}" |
+ docker login "${APP_PACKAGES_URL}"
+ --username "${APP_PACKAGES_USERNAME}"
+ --password-stdin;
+ docker build .
+ --file ./Dockerfile
+ --tag "${APP_PACKAGES_URL}:${APP_VERSION}";
+ docker push "${APP_PACKAGES_URL}:${APP_VERSION}";
+ env:
+ APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/container
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci-pull-request.yml b/.github/workflows/ci-pull-request.yml
index 9b887ef..7016d78 100644
--- a/.github/workflows/ci-pull-request.yml
+++ b/.github/workflows/ci-pull-request.yml
@@ -2,35 +2,37 @@ name: ci-pull-request
on:
pull_request:
types:
- - opened
- - synchronize
- - reopened
+ - opened
+ - synchronize
+ - reopened
jobs:
build:
- runs-on: ubuntu-latest
+ runs-on: ubuntu-20.04
steps:
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - uses: actions/setup-java@v2
- with:
- java-version: '11'
- distribution: 'adopt'
- - uses: s4u/maven-settings-action@v2
- with:
- githubServer: false
- servers: |
- [
- {
- "id": "dgc-github",
- "username": "${{ secrets.GPR_USER }}",
- "password": "${{ secrets.GPR_PAT }}"
- },
- {
- "id": "ehd-github",
- "username": "${{ secrets.GPR_USER }}",
- "password": "${{ secrets.GPR_PAT }}"
- }
- ]
- - name: Build package
- run: mvn --batch-mode package
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 11
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: mvn
+ run: >-
+ mvn clean package
+ --batch-mode
+ --file ./pom.xml
+ --settings ./settings.xml
+ --define app.packages.username="${APP_PACKAGES_USERNAME}"
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}";
+ env:
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - name: docker
+ run: >-
+ docker build .
+ --file ./Dockerfile;
diff --git a/.github/workflows/ci-release-notes.yml b/.github/workflows/ci-release-notes.yml
index 2c6aa5c..b155d77 100644
--- a/.github/workflows/ci-release-notes.yml
+++ b/.github/workflows/ci-release-notes.yml
@@ -2,17 +2,24 @@ name: ci-release-notes
on:
release:
types:
- - created
+ - created
jobs:
- build:
- runs-on: ubuntu-latest
+ release-notes:
+ runs-on: ubuntu-20.04
steps:
- - uses: actions/checkout@v2
- - name: release notes
- run: |
- TAG=${GITHUB_REF/refs\/tags\/}
- npx github-release-notes release --override --tags ${TAG}
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- GREN_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - name: version
+ run: >-
+ APP_SHA=$(git rev-parse --short ${GITHUB_SHA});
+ APP_TAG=${GITHUB_REF/refs\/tags\/}
+ APP_VERSION=${APP_TAG};
+ echo "APP_SHA=${APP_SHA}" >> ${GITHUB_ENV};
+ echo "APP_TAG=${APP_TAG}" >> ${GITHUB_ENV};
+ echo "APP_VERSION=${APP_VERSION}" >> ${GITHUB_ENV};
+ - name: release-notes
+ run: npx github-release-notes release --override --tags ${APP_TAG}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ GREN_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml
new file mode 100644
index 0000000..d3205d0
--- /dev/null
+++ b/.github/workflows/ci-release.yml
@@ -0,0 +1,61 @@
+name: ci-release
+on:
+ release:
+ types:
+ - created
+jobs:
+ release:
+ runs-on: ubuntu-20.04
+ steps:
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 11
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: version
+ run: >-
+ APP_SHA=$(git rev-parse --short ${GITHUB_SHA});
+ APP_TAG=${GITHUB_REF/refs\/tags\/}
+ APP_VERSION=${APP_TAG};
+ echo "APP_SHA=${APP_SHA}" >> ${GITHUB_ENV};
+ echo "APP_TAG=${APP_TAG}" >> ${GITHUB_ENV};
+ echo "APP_VERSION=${APP_VERSION}" >> ${GITHUB_ENV};
+ - name: mvn
+ run: >-
+ mvn versions:set
+ --batch-mode
+ --file ./pom.xml
+ --settings ./settings.xml
+ --define newVersion="${APP_VERSION}";
+ mvn clean deploy
+ --batch-mode
+ --file ./pom.xml
+ --settings ./settings.xml
+ --define app.packages.username="${APP_PACKAGES_USERNAME}"
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}";
+ env:
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+ - name: docker
+ run: >-
+ echo "${APP_PACKAGES_PASSWORD}" |
+ docker login "${APP_PACKAGES_URL}"
+ --username "${APP_PACKAGES_USERNAME}"
+ --password-stdin;
+ docker build .
+ --file ./Dockerfile
+ --tag "${APP_PACKAGES_URL}:latest"
+ --tag "${APP_PACKAGES_URL}:${APP_VERSION}";
+ docker push "${APP_PACKAGES_URL}:latest";
+ docker push "${APP_PACKAGES_URL}:${APP_VERSION}";
+ env:
+ APP_PACKAGES_URL: docker.pkg.github.com/${{ github.repository }}/container
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/ci-sonar-check.yml b/.github/workflows/ci-sonar-check.yml
deleted file mode 100644
index 49be839..0000000
--- a/.github/workflows/ci-sonar-check.yml
+++ /dev/null
@@ -1,45 +0,0 @@
-name: Sonar Cloud Check
-on:
- workflow_dispatch:
- push:
- branches:
- - main
- pull_request:
- types:
- - opened
- - synchronize
- - reopened
-jobs:
- build:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout Git
- uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - name: Setup Java
- uses: actions/setup-java@v2
- with:
- java-version: '11'
- distribution: 'adopt'
- - uses: s4u/maven-settings-action@v2
- with:
- githubServer: false
- servers: |
- [
- {
- "id": "dgc-github",
- "username": "${{ secrets.GPR_USER }}",
- "password": "${{ secrets.GPR_PAT }}"
- },
- {
- "id": "ehd-github",
- "username": "${{ secrets.GPR_USER }}",
- "password": "${{ secrets.GPR_PAT }}"
- }
- ]
- - name: Sonar Check
- run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
- env:
- SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/.github/workflows/ci-sonar.yml b/.github/workflows/ci-sonar.yml
new file mode 100644
index 0000000..b7f2f3a
--- /dev/null
+++ b/.github/workflows/ci-sonar.yml
@@ -0,0 +1,39 @@
+name: ci-sonar
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ types:
+ - opened
+ - synchronize
+ - reopened
+jobs:
+ sonar:
+ runs-on: ubuntu-20.04
+ steps:
+ - uses: actions/setup-java@v2
+ with:
+ java-version: 11
+ distribution: adopt
+ - uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
+ - uses: actions/cache@v2
+ with:
+ path: |
+ ~/.m2/repository
+ key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
+ - name: mvn
+ run: >-
+ mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
+ --batch-mode
+ --file ./pom.xml
+ --settings ./settings.xml
+ --define app.packages.username="${APP_PACKAGES_USERNAME}"
+ --define app.packages.password="${APP_PACKAGES_PASSWORD}";
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ APP_PACKAGES_USERNAME: ${{ github.actor }}
+ APP_PACKAGES_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..03de66b
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,4 @@
+FROM adoptopenjdk:11-jre-hotspot
+COPY ./target/*.jar /app/app.jar
+WORKDIR /app
+ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -Djava.security.egd=file:/dev/./urandom -jar ./app.jar" ]
diff --git a/src/main/docker/docker-compose.yml b/docker-compose.yml
similarity index 88%
rename from src/main/docker/docker-compose.yml
rename to docker-compose.yml
index 0755b6f..f2103ed 100644
--- a/src/main/docker/docker-compose.yml
+++ b/docker-compose.yml
@@ -17,7 +17,7 @@ services:
backend:
build: .
image: eu-digital-green-certificates/dgc-issuance-service
- container_name: dgc-gateway-backend
+ container_name: dgc-issuance-service
volumes:
- ./certs:/ec/prod/app/san/dgc
ports:
@@ -25,16 +25,16 @@ services:
environment:
- SERVER_PORT=8080
- SPRING_PROFILES_ACTIVE=mysql
- - SPRING_DATASOURCE_URL=jdbc:mysql://dgc-issuance-service-mysql:3306/fg
+ - SPRING_DATASOURCE_URL=jdbc:mysql://dgc-issuance-service-mysql:3306/dgc
- SPRING_DATASOURCE_USERNAME=dgc_adm
- SPRING_DATASOURCE_PASSWORD=admin
- - efgs_dbencryption_password=aaaaaaaaaaaaaaaa
depends_on:
- mysql
networks:
backend:
persistence:
+ restart: unless-stopped
networks:
- persistence:
backend:
+ persistence:
diff --git a/pom.xml b/pom.xml
index 582da87..043b476 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,8 +6,8 @@
eu.europa.ec.dgc
dgca-issuance-service
- 1.0.0-SNAPSHOT
- ${packaging.format}
+ latest
+ jar
dgca-issuance-service
European Digital Green Certificate Issuance Service project.
@@ -15,19 +15,7 @@
T-Systems International GmbH
-
-
- dgc-github
- https://maven.pkg.github.com/${github.organization}/*
-
-
- ehd-github
- https://maven.pkg.github.com/ehn-digital-green-development/*
-
-
-
- jar
11
11
@@ -91,53 +79,23 @@
https://github.com/eu-digital-green-certificates/dgca-issuance-service
-
-
- docker
-
- docker
- jar
-
-
-
-
- org.springframework.boot
- spring-boot-maven-plugin
-
- ${project.build.directory}/docker
- exec
-
-
-
- org.apache.maven.plugins
- maven-resources-plugin
-
-
- copy-dockerfile
- validate
-
- copy-resources
-
-
- ${project.build.directory}/docker
-
-
- ${project.basedir}/src/main/docker
- true
-
-
-
- ${*}
- @
-
-
-
-
-
-
-
-
-
+
+
+ dgc-github
+ https://maven.pkg.github.com/${github.organization}/*
+
+
+ ehd-github
+ https://maven.pkg.github.com/ehn-digital-green-development/*
+
+
+
+
+
+ github
+ https://maven.pkg.github.com/${github.organization}/${github.project}
+
+
@@ -178,18 +136,11 @@
-
-
- github
- https://maven.pkg.github.com/${github.organization}/${github.project}
-
-
-
eu.europa.ec.dgc
dgc-lib
- ${project.version}
+ 1.0.0-SNAPSHOT
mysql
@@ -303,10 +254,22 @@
+
+ org.springframework.boot
+ spring-boot-maven-plugin
+ ${spring.boot.version}
+
org.apache.maven.plugins
maven-checkstyle-plugin
${plugin.checkstyle.version}
+
+
+ com.puppycrawl.tools
+ checkstyle
+ 8.41.1
+
+
org.sonarsource.scanner.maven
@@ -352,7 +315,7 @@
- validate
+ check
validate
check
@@ -367,7 +330,6 @@
org.springframework.boot
spring-boot-maven-plugin
- ${spring.boot.version}
@@ -381,8 +343,8 @@
org.apache.maven.plugins
maven-checkstyle-plugin
- codestyle/checkstyle.xml
- target/**/*
+ ./codestyle/checkstyle.xml
+ ./target/**/*
UTF-8
true
true
@@ -449,8 +411,6 @@
true
-
-
diff --git a/settings.xml b/settings.xml
new file mode 100644
index 0000000..e7f2156
--- /dev/null
+++ b/settings.xml
@@ -0,0 +1,17 @@
+
+
+ false
+
+
+ dgc-github
+ ${app.packages.username}
+ ${app.packages.password}
+
+
+ ehd-github
+ ${app.packages.username}
+ ${app.packages.password}
+
+
+
diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile
deleted file mode 100644
index a796dc1..0000000
--- a/src/main/docker/Dockerfile
+++ /dev/null
@@ -1,17 +0,0 @@
-FROM adoptopenjdk:11-jre-hotspot
-
-# Metadata
-LABEL module.name="${project.artifactId}" \
- module.version="${project.version}"
-
-COPY [ "${project.artifactId}-${project.version}-exec.jar", "/app.jar" ]
-
-RUN sh -c 'touch /app.jar'
-
-VOLUME [ "/tmp" ]
-
-ENV JAVA_OPTS="$JAVA_OPTS -Xms256M -Xmx1G"
-
-EXPOSE 8080
-
-ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -Djava.security.egd=file:/dev/./urandom -jar /app.jar" ]
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index ab3d782..f1e631b 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -1,9 +1,9 @@
server:
- port: 8090
+ port: 8080
spring:
profiles:
group:
- "dev": "h2"
+ dev: h2
application:
name: eu-digital-green-certificates-issuence
datasource:
@@ -19,11 +19,11 @@ management:
endpoints:
web:
exposure:
- exclude: "*"
+ exclude: '*'
server:
port: -1
issuance:
- dgciPrefix: "dgci:V1:DE"
+ dgciPrefix: dgci:V1:DE
dgc:
trustAnchor:
keyStorePath: /ec/prod/app/san/dgc/dgc-ta.jks
diff --git a/src/main/resources/logback.xml b/src/main/resources/logback.xml
deleted file mode 100644
index 0ce18a5..0000000
--- a/src/main/resources/logback.xml
+++ /dev/null
@@ -1,52 +0,0 @@
-
-
-
-
-
-
-
-
- DEBUG
-
-
-
- timestamp="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}", level="%level", hostname="${HOSTNAME}",
- pid="${PID:-}", thread="%thread", class="%logger{40}", message="%replace(%replace(%m){'[\r\n]+', ',
- '}){'"', '\''}", trace="%X{traceId}", span="%X{spanId}", %X%n
-
- utf8
-
-
-
-
- ${catalina.base:-.}/logs/dgcg.log
-
- ${catalina.base:-.}/logs/dgcg-%d{yyyy-MM-dd}.log
- 90
-
- true
- true
-
-
- timestamp="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}", level="%level", hostname="${HOSTNAME}",
- pid="${PID:-}", thread="%thread", class="%logger{40}", message="%replace(%replace(%m){'[\r\n]+', ',
- '}){'"', '\''}", exception="%replace(%ex){'[\r\n]+', ', '}", trace="%X{traceId}", span="%X{spanId}",
- %X%n%nopex
-
- utf8
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/src/test/resources/application.yml b/src/test/resources/application.yml
index f545d40..0aa41a3 100644
--- a/src/test/resources/application.yml
+++ b/src/test/resources/application.yml
@@ -1,13 +1,13 @@
server:
- port: ${SERVER_PORT:8090}
+ port: ${SERVER_PORT:8080}
spring:
profiles:
active:
- - test
+ - test
include:
- - dev
+ - dev
application:
- name: eu-interop-federation-gateway
+ name: eu-digital-green-certificates-issuence
liquibase:
enabled: true
change-log: classpath:db/changelog.xml
@@ -18,42 +18,3 @@ springdoc:
path: /api/docs
swagger-ui:
path: /swagger
-efgs:
- dbencryption:
- initVector: Ho^RDYDuGt0Ki`\x
- password: G&B3zSk|fNE!.Pa9+Xv2kUYRx2zp|@=|
- trustAnchor:
- keyStorePath: keystore/efgs-ta.jks
- keyStorePass: 3fgs-p4ssw0rd
- certificateAlias: efgs_trust_anchor
- callback:
- locklimit: 1800000
- keyStorePath: keystore/efgs-cb-client.jks
- keyStorePass: 3fgs-p4ssw0rd
- keyStorePrivateKeyAlias: efgs_callback_key
- keyStoreCertificateAlias: efgs_callback_cert
- execute-interval: 300000
- task-lock-timeout: 300
- proxy-host: ${https.proxyHost:}
- proxy-port: ${https.proxyPort:-1}
- proxy-user: ${https.proxyUser:}
- proxy-password: ${https.proxyPassword:}
- timeout: 10000
- core-thread-pool-size: 0
- max-retries: 5
- retry-wait: 300
- content-negotiation:
- protobuf-version: 1.0
- json-version: 1.0
- upload-settings:
- maximum-upload-batch-size: 5000
- download-settings:
- locklimit: 1800000
- max-age-in-days: 14
- cert-auth:
- header-fields:
- thumbprint: X-SSL-Client-SHA256
- distinguished-name: X-SSL-Client-DN
- batching:
- timeinterval: 300000
- doclimit: 5000